﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;


namespace RoomService
{
    public partial class WebForm1 : System.Web.UI.Page
    {
        public int Validate_Login(string Username, string Password)
        {
            SqlConnection con = new SqlConnection(@"User id=sa;Password=Dotnetfunda;Server=VUYISWA\VUYISWA;Database=Forum");
            SqlCommand cmdselect = new SqlCommand();
            cmdselect.CommandType = CommandType.StoredProcedure;
            cmdselect.CommandText = "[dbo].[prcLoginv]";
            cmdselect.Parameters.Add("@Username", SqlDbType.VarChar, 50).Value = Username;
            cmdselect.Parameters.Add("@UPassword", SqlDbType.VarChar, 50).Value = Password;
            cmdselect.Parameters.Add("@OutRes", SqlDbType.Int, 4);
            cmdselect.Parameters["@OutRes"].Direction = ParameterDirection.Output;
            cmdselect.Connection = con;
            int Results = 0;
            try
            {
                con.Open();
                cmdselect.ExecuteNonQuery();
                Results = (int)cmdselect.Parameters["@OutRes"].Value;
            }
            catch (SqlException ex)
            {
                Label1.Text = ex.Message;
            }
            finally
            {
                cmdselect.Dispose();
                if (con != null)
                {
                    con.Close();
                }
            }
            return Results;
        }

        protected void btnlogin_Click(object sender, EventArgs e)
        {


            int Results = 0;

            if (name_txt.Text != string.Empty && email_txt.Text != string.Empty)
            {

                Results = Validate_Login(name_txt.Text.Trim(), email_txt.Text.Trim());

                if (Results == 1)
                {

                    Label1.Text = "Login is Good, Send the User to another page or enable controls";

                }

                else
                {

                    Label1.Text = "Invalid Login";

                    Label1.ForeColor = System.Drawing.Color.Red;

                    //Dont Give too much information this might tell a hacker what is wrong in the login

                }

            }

            else
            {

                Label1.Text = "Please make sure that the username and the password is Correct";

            }

        }

        protected void Page_Load(object sender, EventArgs e)
        {

        }
    }
}